
import de.stalinski.login.Watcher;
import de.stalinski.util.Crypter;
import java.io.*;
import java.sql.*;
import javax.servlet.*;
import javax.servlet.http.*;

public class LoginAuthentication extends HttpServlet {
    private ServletConfig config;
    private static String sHost = "localhost";
    private static String sDB = "frbrUsers";
    private static String sTable = "customers";
    private static String sUsr = "root";
    private static String sPwd = "admin";
    private static String sConn = "jdbc:mysql://" + sHost + ":3306/" + sDB;

    public void init(ServletConfig config)
            throws ServletException {
        this.config = config;
    }

    public void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        HttpSession session = request.getSession(true);

        PrintWriter out = response.getWriter();
        String connectionURL = sConn;
        Connection connection = null;
        ResultSet rs;
        String userName = new String("");
        String passwrd = new String("");
        response.setContentType("text/html");
        out.println("<link rel=\"stylesheet\" type=\"text/css\" href=\"serverStyles.css\" />");
        try {
            // Load the database driver
            Class.forName("com.mysql.jdbc.Driver");
            // Get a Connection to the database
            connection = DriverManager.getConnection(connectionURL, sUsr, sPwd);
            //Add the data into the database
            String sql = "select * from " + sTable;
            Statement s = connection.createStatement();
            s.executeQuery(sql);
            rs = s.getResultSet();
            String password = request.getParameter("pass");
            String passwordHash = Crypter.crypt(password);
            request.getSession().invalidate();
            while (rs.next()) {              
                    if (rs.getString("Username").equals(request.getParameter("user"))) {
                        if (passwordHash.equals(rs.getString("pass"))) {
                            userName = rs.getString("Username");
                            passwrd = rs.getString("pass");
                            new Watcher().register(userName, request.getSession().getId());
                            String forward = "<meta http-equiv=\"refresh\" content=\"0; URL=start.jsp?user=" + userName + "&id=" + session.getId() + "&uid="
                                    +rs.getString("id")+"\">";
                            out.println(forward + "WELCOME " + new String(userName).toUpperCase());
                            break;
                        } else {                        
                            out.println("<meta http-equiv=\"refresh\" content=\"0; URL=noAuthority.jsp\">");
                        }
                    }
            }
            rs.close();
            s.close();
        } catch (Exception e) {
            System.out.println("Exception is ;" + e);
        }
    }
}  